3 Problems of Today's Online Security Environment

This past November, Jeremy Grant, Senior Executive Advisor for Identity Management at the National Institute of Standards and Technology, spoke at Oracle’s Federal Forum about the threat of cyber crime and identity theft. You can view part one of his presentation here.

In part two, Grant discusses the three key problems of today’s online security environment.

1- Passwords are fundamentally broken. They are often redundant and too easy to crack which leads to identity theft. Plus, managing multiple passwords (each with its own requirements) has become increasingly cumbersome. This leads to people writing down passwords (not best practice) or leaving the site entirely.

2- “On the internet nobody knows if you’re a dog.” This particular issue has been true since the birth of the internet as there isn’t a way to prove someone is who they say they are.

3- Erosion of trust- information is being harvested which leads people to question what organizations are doing with their information and who they are giving it to.

One of NSTIC’s goals is to improve privacy standards so people can be more confident in sharing information. A great example Grant shares is from Department of Defense. Over the last ten years, DoD has implemented the Common Access Card. All employees must log in using this card, which means there is no way into the system using usernames and passwords. According to DoD, intrusions fell 46% nearly overnight!

Stay tuned for the third part of Grant's presentation as he discusses NSTIC’s purpose, goals and plans for the future.